mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 22:35:37 +02:00
0xMarcio
817 B
817 B
CVE-2014-8391
Description
The Web interface in Sendio before 7.2.4 does not properly handle sessions, which allows remote authenticated users to obtain sensitive information from other users' sessions via a large number of requests.
POC
Reference
- http://packetstormsecurity.com/files/132022/Sendio-ESP-Information-Disclosure.html
- http://seclists.org/fulldisclosure/2015/May/95
- https://www.exploit-db.com/exploits/37114/